[Original] Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by mangleme.

-
Vulnerability Information

-
Vulnerability Description

Mozilla Web Browser contains a flaw that may allow a remote denial of service. The issue is triggered when a user accesses a malicious web page containing TEXTAREA, INPUT, FRAMESET, or IMG tags followed by a NULL character and extra characters, and results in loss of availability for the service.

-
Timeline

Disclosure date:
2004-10-18

Discovery date:
2004-10-18

Exploit date: 2004-10-18

Resolution date: Unknown

-
Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

-
Vulnerability Discussion

A vulnerability exists in Mozilla that will most likely cause a denial of service. The source of the issue is that an invalid pointer is dereferenced when the browser renders an unusual combination of visual elements.

Although this issue was reported in the Mozilla browser, other applications based on the same code, such as Firefox, Thunderbird, and Netscape, may also be affected.

-
Exploit

This issue was discovered with the mangleme Web fuzzer:

http://lcamtuf.coredump.cx/soft/mangleme.tgz

A proof-of-concept is available at the following Web page:

http://lcamtuf.coredump.cx/mangleme/gallery/mozilla_die2.html

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

-
Solution

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.